Re: brute force ssh attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Matthew Miller wrote:
> On Thu, Apr 28, 2005 at 08:56:00AM -0400, William Hooper wrote:
>
>>>> Inexperienced sysadmins.
>>>>
>>> Sure. That is, "regular users of their own machines".
>>>
>> Nice job of completely quoting out of context, and completely missing
>> the point.
>
> I'm sorry -- I thought that *was* the point. Seriously, what more context
>  does one need here?

Well, the question asked would be nice:
"Thus it has some method of getting root privileges."

The response:
"Inexperienced sysadmins."

The quote showing that was the case:
"Daniel Kirsten wrote:
'Yesterday, I examined the directory ~daikanyama/.undernet and probably I
executed mech as root. The file mech is indeed infected by Linux/Rst-B.
This explains everything.......'

So the "method of getting root privileges" is "regular users of their own
machines" running random executables (like the ones downloaded by a script
kiddie) as root.

I'm interested in hearing how you would like to close this vulnerability.

--
William Hooper


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux